<?php
require_once("../data/DataHandler.php");
require_once("../config/FileTypes.php");
session_start();
  $active_user = $_SESSION['active_user'];
  if ($active_user->getRole() != "CHAIR") {
    die("Invalid Access");
  }
$allowed_filetypes = array('.pdf', '.PDF', '.zip', '.ZIP', '.rar', '.RAR');
$upload_path = '../pdf/';

$filename = $_FILES['pdffile']['name']; // Get the name of the file (including file extension).

$ext = substr($filename, strpos($filename, '.')); // Get the extension from the filename.
$newfilename = $_POST['applicant_email'] . $ext;

// Check if the filetype is allowed, if not DIE and inform the user.
if (!in_array($ext, $allowed_filetypes)) {
  die('The file you attempted to upload is not allowed.');
}
// Check if we can upload to the specified path, if not DIE and inform the user.
if (!is_writable($upload_path)) {
  die('You cannot upload to the specified directory, please CHMOD it to 777.');
}

//if zip or rar - unpack
if (preg_match('/zip/', $ext) || preg_match('/ZIP/', $ext) || preg_match('/rar/', $ext) || preg_match('/RAR/', $ext)) {
  $zip = new ZipArchive;
  if ($zip->open('/pdf/' . $newfilename) === TRUE) {
    //check if exists
    $zip->extractTo('/pdf/');
    $zip->close();
    echo 'ok';
  } else {
    echo 'failed';
  }
} 

// check if file exists
//if yes die if no continue
// Upload the file to your specified path.
if (move_uploaded_file($_FILES['pdffile']['tmp_name'], $upload_path . $newfilename))
  echo 'Your file upload was successful, view the file <a href="' . $upload_path . $newfilename . '" title="Your File">here</a>';
else
  echo 'There was an error during the file upload.  Please try again.';
?>